Privacy statement Merin
Merin takes your privacy seriously and will process and use information about you (the data subject) in a safe way. In this Privacy Statement we explain which personal data we process, and for what purpose. In addition, this Privacy Statement will give you information about your rights with regard to our processing of your personal data. We encourage you to carefully read through this Privacy Statement. If you have any questions, please contact firstname.lastname@example.org.
Who is Merin?
We are Merin Management B.V. (hereinafter: Merin), and we have our registered office at Hogehilweg 8, 1101 CC Amsterdam. We focus on acquisition, management, exploitation, development and investing in offices and business premises in the Netherlands.
In the context of our services, we collect, retain, pass on or otherwise process personal data. On the basis of the applicable privacy legislation, we qualify as a processing controller with regard to your personal data as processed by us.
How does Merin use your data?
Below you will find an overview of the purposes for which Merin processes your personal data. In each case, it is stated which data Merin uses for that specific purpose, the legal basis permitting the processing of the data and how long the data will be kept by Merin. In order to give you an organised overview, we have grouped it by type of data flow.
Provision of services, customer management and financial administration
|Financial administration||Name, Company Name, Billing Address, Bank Details (Name of Bank/IBAN/BIC), Outstanding Balance||Implementation of the agreement
|Ten (10) years from the date of drafting of the document, or such longer period as is required in connection with a pending or expected legal dispute.|
|Invoicing||Company Name, Billing Address, Chamber of Commerce Number, VAT number, Customer Number, Telephone Number, E-mail Address||Implementation of the agreement||Ten (10) years from the date of drafting of the document, or such longer period as is required in connection with pending or expected legal proceedings|
|CRM||Name, E-mail Address, Order History, Telephone Number, Chamber of Commerce Number, Website url., Company Logo, Address.||Implementation of the agreement
|Five (5) years after termination of the customer relationship, or such longer period as is required in connection with pending or expected legal proceedings.|
|Provision of services||Name, Address and Residence data, E-mail Address, File Data, Financial Data, Information necessary to deliver the service, Data that are generated during the service||Implementation of the agreement||Five (5) years after termination of the customer relationship, or such longer period as is required in connection with pending or expected legal proceedings.
|Lease||Name, Address and Residence data, Chamber of Commerce Number, Telephone Number, E-mail Address, Gender, Copy ID||Implementation of the agreement||Five (5) years after the termination of a lease|
|Offer an account||Name, Address, E-mail Address, User Name||Implementation of the agreement||Three (3) months after the termination of the account|
|Listing company name on our website||Company name, logo, website url.||Implementation of the agreement||three (3) months after the removal of the listing on the website|
How do we obtain your personal data?
Merin holds data about you because you have provided us with data and because Merin has obtained data from third parties. Those third parties may, for example, be (online) real estate agents. The following personal data are obtained from the online real estate agents: name company, name contact person within the company, his/her telephone number and his/her e-mail address.
What are your rights?
Under the European General Data Protection Regulation, you have a number of rights relating to your data and the processing thereof:
Right to access
If you want to access the personal data Merin has stored on you, you may submit a request to that end.
Right to rectification
If you want to make changes to your personal data, you may submit a request to this effect to Merin. You may request that Merin changes, rectifies or supplements your data.
Right to erasure
In certain cases, you have the right to have certain personal data erased. This is the case, for example, if the data have been processed unlawfully or if the data are no longer needed for the purpose for which they were collected or processed.
Right to restriction of processing
In addition, you have the right, under certain conditions, to obtain from Merin restriction of the processing of your personal data.
Right to object
If certain processing takes place on the basis of the ‘legitimate interest’ of Merin or a third party, you have the right to object to such processing.
You have the right to obtain your personal data from Merin. Merin will provide these in a structured and conventional form, which can be opened easily in other common digital systems. This way, you can also store your data with another provider.
Whenever the basis for particular data processing requires your consent, you have the right to revoke such consent. This has no consequences for the past, but does mean, however, that we may in that case no longer process these data. It may be that as a result, Merin will no longer be able to deliver certain services to you.
Reaction by Merin
A request may be sent to email@example.com. Merin will deal with your request as soon as possible and in any event will come back to you not later than one (1) month after Merin has received such a request, to inform you about the result of your request. If Merin rejects your request, we will indicate in our reply as to why the request has been rejected.
Recipients of the personal data
The data may be passed on to:
- Processors, like IT service providers, marketing agencies, (online) real estate agents etc.
- Parties involved in the execution or performance of an agreement between you and Merin, like suppliers, utility companies, contractors, etc.
- External advisers, like legal advisers, debt collection agencies, etc.
It may be that Merin is obliged to provide your data to a third party, for example on the basis of a statutory obligation.
Passing on to another country or international organisation
It may, for (for example) technical and operational reasons, be necessary that your personal data are passed on to companies affiliated with Merin outside the European Economic Area. Because the regulations in the field of the protection of privacy may probably not offer the same protection as within the European Economic Area, Merin will make use of the Privacy Shield of the EU Model Clauses in order to protect your privacy as far as possible. You may request us to provide you with a copy of the appropriate safeguards in this respect. If that is not possible, Merin will ask for your permission to pass on your personal data to countries without an adequate level of protection. You may withdraw this permission at any time.
What are cookies and how does Merin use them?
Cookies are small pieces of text information which are sent to your browser when you visit the website of Merin, and which are subsequently stored on the hard disk or in the memory of your computer, tablet or mobile phone (hereinafter: Device). The cookies stored via the website of Merin cannot damage your Device or the files stored on such Device. You can read more about our cookies in our cookie statement.
Can this Privacy Statement be changed?
This Privacy Statement may be changed. We therefore advise you to read the Privacy Statement regularly for any changes. In the event of substantial changes, we will inform you accordingly.
Who do I contact if I have a complaint or a question?
If you have any questions about this Privacy Statement and the way in which Merin uses your data, please send an e-mail to firstname.lastname@example.org. Also, if you have a complaint about the way in which Merin processes your data, please send an e-mail to email@example.com. In addition, you may always contact the competent national regulatory authorities in the field of privacy protection. In the Netherlands, this is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).